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DETAILED ACTION 

1. Claims 1-35 have been examined. 

Claim Rejections - 35 USC § 101 

2. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

3. Claims 24-35 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. 

4. Claims 24,28 and 32 are directed to data authentication method that an 
operational part of application code has not been modified from its as-delivered form. 
The examiner respectfully asserts that the claimed subject matter does not fall within 
the statutory classes listed in 35 USC 101. Claims 24,28 and 32 are directed to a 
computer readable media that includes data signals (See Specification 0054). A signal 
does not fall within one of the four statutory classes of 1 01 .Claims 25-27,29-31 ,33-35 
rejected on the same rational because they are depend on claims 24,28 and 32. 

Claim Rejections - 35 USC § 102 

5. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 
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(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

6. Claims 1-35 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Johnson, P. K.,et al(hereinafter referred as Johnson) (WO 00/18162). 

7. As per claim 1,13,24: Johnson discloses a method/apparatus/a machine- 
readable medium comprising: receiving an ephemeral value from a challenging device 
(See col 6 lines 17-24 and Figs 2,3); retrieving data whose content is known to the 
challenging device (col 6 lines 25-33 and Fig 2,3); generating a digital signature of the 
data based on the ephemeral value; and transmitting the digital signature to the device 
(Col 6 lines 25-33 and Figs 2,3). 

8. As per claim 2,25:Jhonson discloses the method wherein receiving the 
ephemeral value from the challenging device comprises receiving a randomly generated 
number from the challenging device (See col 6 lines 1-9). 

9. As per claim 3,26: Johnson discloses the method wherein retrieving the data 
comprises retrieving at least part of application code (See col 7 lines 23-30). 

10. As per claim 4,27: Johnson discloses the method wherein generating the digital 
signature of the data based on the ephemeral value comprises generating a one-way 
hash across the data based on the ephemeral value (col 6 lines 25-33). 

11. As per claim 5,28: Johnson discloses a method comprising: receiving, into a 
response device, an ephemeral value from a challenge device (See col 6 lines 17-24 
and Figs 2,3); retrieving data from an address space in the response device, wherein 
the data is known to the challenge device and the response device (col 6 lines 25-33 
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and Fig 2,3); generating a hash across the data using the ephemeral value as a key of 
the hash (Col 6 lines 25-33 and Figs 2,3); and transmitting at least part of the hash to 
the challenge device(See Col 6 lines 25-33 and Figs 2 step 21 2B). 

12. As per claim 6,29: Johnson discloses the method further comprising generating a 
reduced hash based on the hash, wherein transmitting the ephemeral value and the at 
least part of the hash to the challenge device comprises transmitting the ephemeral 
value and the reduced hash to the challenge device (See abstract). 

13. As per claim 7,30: Johnson discloses the method wherein retrieving the data 
from the address space in the response device comprises retrieving application code to 
be executed in the response device (col 6 lines 25-33 and Fig 2,3). 

14. As per claim 8,31 : Johnson discloses the method wherein retrieving the data 
from the address space in the response device comprises retrieving configuration 
parameters of the response device (col 6 lines 25-33 and Fig 2,3). 

15. As per claim 9,32: Johnson discloses a method comprising: authenticating data 
having predictable content and'stored in an address space of a remote device, the 
authenticating comprising: generating a random number (See col 10 lines 20-33); 
transmitting the random number to a remote device presumably having the data (See 
col 6 lines 17-24 and Figs 2,3); receiving, from the remote device, a first digital 
signature that is representative of the data (See Col 6 lines 25-33 and abstract); 
generating a second digital signature based on the random number(See abstract); and 
comparing the first digital signature to the second digital signature(See abstract). 
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16. As per claim 10,33: Johnson discloses the method wherein authenticating the 
data having predictable content comprises authenticating an application executable (col 
7 lines 1-3). 

1 7. As per claim 1 1 ,34: Johnson discloses the method wherein authenticating the 
data having predictable content comprises authenticating at least one security 
parameter (See col 7 lines 1-3). 

18. As per claim 12,35: Johnson discloses the method wherein authenticating further 
comprises marking the data as authenticated if the first digital signature equals the 
second digital signature (See abstract and Fig 3). 

19. As per claim 14: Johnson discloses the apparatus wherein the I/O logic is to 
receive the request for authentication from a challenge device, the I/O logic to transmit 
the cryptographic hash back to the challenge device (See Figs 2,3). 

20. As per claim 15: Johnson discloses the apparatus wherein the storage medium is 
a nonvolatile memory (See col 10 lines 3-16). 

21. As per claim 16: Johnson discloses further comprising a data selection logic to 
select less than all of the data, wherein the at least part of the data is the less than all of 
the data (See col 6 lines 17-24 and Figs 2,3). 

22. As per claim 17: Johnson discloses the apparatus wherein the data selection 
logic is to select less than all of the data based on a random number based selection of 
segments of the data (See col 6 lines 17-24 and Figs 2,3). 
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23. As per claim 18: Johnson discloses the apparatus wherein the data comprises an 
application to be executed in the apparatus (col 7 lines 1-3). 

24. As per claim 19: Johnson discloses the apparatus wherein the data comprises at 
least one security parameter of the apparatus (See col 7 lines 1-3). 

25. As per claim 20: Johnson discloses a challenge device to authenticate data 
presumably stored in a response device, the challenge device comprising: a storage 
medium to store a copy of the data presumed to be stored in the response device (See 
Fig 1 step 128); a key generation logic to generate an ephemeral value (See Fig 1 step 
126 and col 6 lines 1-5); an input/output (I/O) logic to output a request for authentication 
to a response device, wherein the request includes the ephemeral value, the I/O logic to 
receive a first digital signature from the response device in response to the request for 
authentication(See Fig 2,3 and abstract); a signature logic to retrieve the copy of the 
data and the ephemeral value and to generate a second digital signature(See Fig 2,3 
and abstract); and an authentication logic to compare the first digitaLsignature to the 
second digital signature, wherein the data is authenticated if the first digital signature 
equals the second digital signature(See Fig 2,3 and abstract). 

26. As per claim 21 : Johnson discloses the challenge device wherein the ephemeral 
value comprises a randomly generated value (See col 6 lines 1-3). 

27. As per claim 22: Johnson discloses the challenge device wherein the data 
comprises application code to be executed by the response device (col 7 lines 1-3). 

28. As per claim 23: Johnson discloses the challenge device wherein the data 
comprises at least one configuration parameter of the remote device (col 7 lines 1-3). 
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Conclusion 



29. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. See PTO 892. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Fikremariam Yalew whose telephone number is 
5712723852. The examiner can normally be reached on 9-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Moazzami Nasser,can be reached on 5712738300. The fax phone number 
for the organization where this application or proceeding is assigned is 571-272-4195. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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